<?
/*
Questo script va installato sotto IIS in una virtual directory con autenticreqtype windows
*/
// --------- da personalizzare
$urlQnet = "http://dplbspf/qnet"; //url di takeoff
$codIstanza = "A1"; //codice istanza
$dirLoc = "C:/inetpub/wwwroot/takeoff_bank/login_sso"; //directory temp. per file autenticaz
// ---------
//pulizia dir_loc
$dh = opendir($dirLoc);
while($file = readdir($dh)) {
   if (substr($file,-6) != 'qz.php') { continue; }
   if (filemtime($dirLoc.'/'.$file) < (time()-10)) {
      unlink($dirLoc.'/'.$file);
   }
}
if (isset($_SERVER["LOGON_USER"])) {
   $login = $_SERVER["LOGON_USER"];
   $ax = explode("\\\\",$login);
   $login = urlencode(strtolower($ax[1]));
   $betterToken = md5(uniqid(rand(), true)).'qz';
   $fh = fopen($dirLoc.'/'.$betterToken.'.php','w');
   $phpScript  = "<?\r\n";
   $phpScript .= "\$diff = time()-".time().";\r\n";
   $phpScript .= "echo \"\\tzxcv_".$login."\\tzxcv_\".\$diff.\"\\tzxcv_\";\r\n";
   $phpScript .= "?>";
   fwrite($fh,$phpScript);
   fclose($fh);
   $uri = $urlQnet."/app/_com/loginSafeSSO.php?srv=".urlencode($_SERVER["SERVER_NAME"])
      ."&ist=".urlencode($codIstanza)."&lgn=".urlencode($login)."&rnd=$betterToken";
   foreach($_REQUEST as $nome => $val) {
      $uri .= "&$nome=".urlencode(stripslashes($val));
   }
   header("location: $uri");
   exit();
} else {
   header("location:".$urlQnet."/app/_com/login.php");
   exit();
}
?>
